In addition to external port deleted scenario already covered in the test scenario, also validate that HA group change or unset also behaves properly (rules allowing external port traffic to leak into localnet gone).
Related: 1148580290d0a ("Don't suppress localport traffic directed to external port") Signed-off-by: Ihar Hrachyshka <ihrac...@redhat.com> v1: initial version v2: fix ddlog test failure by waiting on hv to sync --- tests/ovn.at | 43 ++++++++++++++++++++++++++++++++----------- 1 file changed, 32 insertions(+), 11 deletions(-) diff --git a/tests/ovn.at b/tests/ovn.at index 93e1a0267..32efc054f 100644 --- a/tests/ovn.at +++ b/tests/ovn.at @@ -12198,24 +12198,28 @@ send_garp() { ovs-appctl netdev-dummy/receive $inport $request } -spa=$(ip_to_hex 10 0 0 1) -tpa=$(ip_to_hex 10 0 0 2) -send_garp lp 000000000001 000000000002 $spa $tpa - -spa=$(ip_to_hex 10 0 0 1) -tpa=$(ip_to_hex 10 0 0 10) -send_garp lp 000000000001 000000000010 $spa $tpa +send_frames() { + spa=$(ip_to_hex 10 0 0 1) + tpa=$(ip_to_hex 10 0 0 2) + send_garp lp 000000000001 000000000002 $spa $tpa + + spa=$(ip_to_hex 10 0 0 1) + tpa=$(ip_to_hex 10 0 0 10) + send_garp lp 000000000001 000000000010 $spa $tpa + + spa=$(ip_to_hex 10 0 0 1) + tpa=$(ip_to_hex 10 0 0 3) + send_garp lp 000000000001 000000000003 $spa $tpa +} -spa=$(ip_to_hex 10 0 0 1) -tpa=$(ip_to_hex 10 0 0 3) -send_garp lp 000000000001 000000000003 $spa $tpa +send_frames dnl external traffic from localport should be sent to localnet AT_CHECK([tcpdump -r main/br-phys_n1-tx.pcap arp[[24:4]]=0x0a000002 | wc -l],[0],[dnl 1 ],[ignore]) -#dnl ...regardless of localnet / external ports creation order +dnl ...regardless of localnet / external ports creation order AT_CHECK([tcpdump -r main/br-phys_n1-tx.pcap arp[[24:4]]=0x0a00000a | wc -l],[0],[dnl 1 ],[ignore]) @@ -12225,6 +12229,23 @@ AT_CHECK([tcpdump -r main/br-phys_n1-tx.pcap arp[[24:4]]=0x0a000003 | wc -l],[0] 0 ],[ignore]) +# now disown both external ports, one by moving to another (non-existing) +# chassis, another by removing the port from any ha groups +check ovn-nbctl --wait=sb ha-chassis-group-add fake_hagrp +fake_hagrp_uuid=`ovn-nbctl --bare --columns _uuid find ha_chassis_group name=fake_hagrp` +check ovn-nbctl set logical_switch_port lext ha_chassis_group=$fake_hagrp_uuid +check ovn-nbctl clear logical_switch_port lext2 ha_chassis_group +check ovn-nbctl --wait=hv sync + +# check that traffic no longer leaks into localnet +send_frames + +for suffix in 2 a; do + AT_CHECK([tcpdump -r main/br-phys_n1-tx.pcap arp[[24:4]]=0x0a00000${suffix} | wc -l],[0],[dnl +1 +],[ignore]) +done + AT_CLEANUP ]) -- 2.31.1 _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev